REMARKS 

The claims remaining in the present application are Claims 1-20. The 
Examiner is thanked for performing a thorough search. Claims 1,10 and 15 have 
been amended. No new matter has been added. For example, support for the 
amendments to the claims can be found, among other places, in the original Claim 
15. 



CLAIM REJECTIONS 
35 U.S.C. §102 

Claims 1-10. 13-17. and 20 

Claims 1-10, 13-17 and 20 are rejected under 35 U.S.C. §102(b) as being 
anticipated by U.S. Patent No. 5,850,516 by Schneier et al. (referred to hereinafter 
as "Schneier"). Applicants respectfully submit that embodiments of the present 
invention are neither taught nor suggested by Schneier. 

Amended Claim 1 recites, 

A security intrusion mitigation method comprising: 

utilizing network spanning tree configuration information to determine 
an action for mitigating diffusion of intrusive attacks between components 
associated with a network , wherein said spanning tree information includes 
an indication of an internal diffusion risk, wherein said internal diffusion risk is 
a risk of said attack diffusing from a first component associated with said 
network to a second component associated with said network; and 

performing said action for mitigating diffusion of intrusive attacks 
automatically, wherein said action for mitigating includes compensation for 
functional support of prioritized applications , (emphasis added) 

Applicant respectfully submits that Schneier does not teach or suggest, "an action 
for mitigating diffusion of intrusive attacks between components associated with a 
network... said action for mitigating includes compensation for functional support of 
prioritized applications," as recited by Claim 1 . 

Schneier teaches a method and apparatus for analyzing information systems 
using stored tree database structures. For example, referring to the first 4 lines of 
the abstract, Schneier 1 s method and apparatus "electronically represent and 
quantify the security of a system as a logical tree structure including leaf nodes 
representing attacks against the system and intermediate nodes representing 
various logical combinations of attacks necessary to mount a successful overall 
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attack." Referring to Col. 6 lines 53 and 54, the embodiments disclosed by Schneier 
are described in the context of opening a safe. Col. 7 lines 1-21 describe an 
example of Schneier"s attack tree, which includes possible ways to illegally open a 
safe. Examples of the steps include "convince the safe installer to install it 
improperly," "cut open the safe," "pick the lock of the safe," "convince someone to 
state the combination." 

However, nowhere does Schneier teach anything about "components 
associated with a network" let alone teach "an action for mitigating diffusion of 
intrusive attacks between components associated with a network." There is nothing 
in Schneier that is comparable to "a component associated with a network" and 
therefore Schneier cannot possibly teach an attack diffusing between components 
associated with a network. Further, Schneier teaches nothing that is comparable to 
"applications," "prioritized applications," "compensation for functional support," let 
alone "compensation for functional support of prioritized applications," as recited by 
Claim 1. 

For at least the forgoing reasons, Claim 1 should be patentable over 
Schneier. For similar reasons, independent Claim 10 should be patentable over 
Schneier because independent Claim 10 recites, among other things, "automatically 
mitigating an attack from spreading between components included in said highest 
risk path" since Schneier does not teach components included in a highest risk path 
let alone an attacking spreading between these components. For similar reasons, 
independent Claim 15 should be patentable over Schneier because independent 
Claim 15 recites, among other things, "determining a risk of an attack spreading 
from a first component to a second component included in a network." 

Claims 2-9 depend on Claim 1. Claims 11-14 depend on Claim 10. Claims 
16-20 depend on Claim 15. Further, these dependent claims recite additional 
limitations which further make them patentable. Therefore, these dependent claims 
should be patentable for at least the reasons that their respective independent 
claims should be patentable. 
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CONCLUSION 



In light of the above listed amendments and remarks, reconsideration of the 
rejected claims is requested. Based on the arguments and amendments presented 
above, it is respectfully submitted that Claims 1-20 overcome the rejections of record. 
For reasons discussed herein, Applicant respectfully requests that Claims 1-20 be 
considered be the Examiner. Therefore, allowance of Claims 1-20 is respectfully 
solicited. 

Should the Examiner have a question regarding the instant amendment and 
response, the Applicant invites the Examiner to contact the Applicant's undersigned 
representative at the below listed telephone number. 



Respectfully submitted, 
WAGNER, MURABITO & HAO LLP 




John P. Wagner Jr. 
Registration No. 35,398 




Address: 



Westridge Business Park 
123 Westridge Drive 
Watsonville, California 95076 USA 



Telephone: 



(408) 938-9060 Voice 
(408) 234-3649 Direct/Cell 
(408) 722-2350 Facsimile 
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